Trend Micro announced on June 19 a Managed Detection and Response (MDR) service to assist security operations teams.
MDR provides managed cyber-security services that benefit from artificial intelligence (AI) capabilities to help detect threats. The new service is not intended to replace an organization’s existing security team, but rather is being positioned as a complementary approach.
“Trend Micro’s Managed Detection and Response service is meant to augment an organization’s existing security operations team, delivering managed threat hunting … for our customers,” Steve Neville, director of global strategy for Trend Micro, told eWEEK.
There is a significant skills shortage when it comes to security talent, and Trend Micro’s MDR service is an effort to help organizations that might not have all the security staff they need, according to Neville. The MDR service prioritizes and correlates alerts from protected networks endpoints, servers and cloud workloads, Neville said. In addition, he noted that the service provides an investigation of prioritized alerts alongside a remediation plan with Trend Micro security experts.
“This includes being able to immediately scan our customers for recent IoCs [indicators of compromise] and help them to remediate,” Neville said.
MDR is enabled by deploying sensors that are built into Trend Micro’s endpoint, network and server offerings across an environment, Neville said. The sensors deliver data to the service, which correlates alerts from multiple sources to automatically allow for identification of an attack source. MDR will also identify what risks need to be immediately addressed, he said.
“Remediation of the problems can be fully managed by the internal security team, or Trend Micro experts can also help as a part of the extended security team,” he said.
A key element of the MDR service is enhanced AI capabilities to help correlate and identify threats. While Trend Micro has had AI capabilities in its products since 2005, Neville said that what is in MDR is something new.
“The AI used in the MDR offering to correlate and prioritize data is a new capability,” he said. “It will also get used in other Trend Micro products in the future as it evolves.”
Trend Micro has been using a variety of AI technologies in its products and services since 2005, including adding pre-execution and run-time machine learning in its endpoint and server products in 2016, according to Neville. He added that in general, the technology approach for AI is something that Trend Micro does not share specifics on externally.
Looking forward, Neville said Trend Micro is continuing to develop its algorithms using in the AI technology for threat correlation and prioritization.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.